13.3.9 Practice exam

Which of the following statements about the use of anti-virus software is correct?

Anti-virus software should be configured to download updated virus definition files assoon as they become available.soon as they become

You have installed anti-virus software on the computers on your network. You update thedefinition and engine files, and configure the software to update those files every day.
What else should you do to protect your systems from malware?(Select two.)

Schedule regular full system scans. Educate users about malware.

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This isan example of which kind of attack?an example of which kind of attack

DDoS

Which of the following is the best countermeasure against man-in-the middle attacks?

IPsec

A collection of zombie computers have been setup to collect personal information.
What type of malware do the zombie computers represent?

Botnet

Which of the following describes a logic bomblogic bomb?

A program that performs a malicious activity at a specific time or after a triggering event

Which of the following are characteristics of a rootkitrootkit? (Select two.)

Hides itself from detection Requires administrator-level privileges for installation

Which of the following best describes spyware?

It monitors the actions you take on your machine and sends the information back to itsoriginating source.

A relatively new employee in the data entry cubical farm was assigned a user account similar tothat of all of the other data entry employees. However, audit logs have shown that this useraccount has been used to change ACLs on several confidential files and has accessed data inaccount has been used to change

This situation indicates which of the following has occurred?

Privilege escalation

What are the most common network traffic packets captured and used in a replay attack?

Authentication

Which of the following are denial of service attacks? (Select two.)

Smurf Fraggle

An attacker uses an exploit to push a modified hosts file to client systems. This hosts fileredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andfinancial information.financial information.
What kind of exploit has been used in this scenario?

Pharming DNS poisining

Users in your organization receive email messages informing them that suspicious activity hasbeen detected on their bank account. They are directed to click a link in the email to verify theirbeen detected on their bank account. They are directed to click a link in the email to verify theironline banking username and password.
The URL in the link is in the .ru top-level DNS domain.online banking username and password.
What kind of attack has occurred?

Phishing

A programmer that fails to check the length of input before processing leaves his codevulnerable to what form of common attack?

Buffer overflow